On Tue, Oct 09, 2001 at 03:25:00PM +0300, Emil wrote: > For your regular email use relays on which you have at least a local account if > not root. If you have root access use VPNs (I found CIPE very handy) or write > your own encrypted relay software that listens to some port and resends your > mails on port 25. Alternatively openssl/ssh can be used to tunnel pop3 and smtp > protocols. Using relays has the advantage of decoupling you (and your personal > computer) from your emails. Use many relays randomly chosen with as many users > as you can find (hacked computers are preferred ;-). > There appears to be an exploitable weakness in ssh right now. Characters are transmitted as fast as typed; interpacket timings carry probabilistic data on which character pairs were typed. An Israeli student has done a paper on how to use a hidden markov model to extract root passwords. Oh, and the iniitial packets sizes in a root logon have a detectable signature. See http://comnet.technion.ac.il/~cn19s01/ If anyone knows the guys working on ssh, make sure they are aware of this. I tried getting email through the web site but there was no good address there and I have not gotten a reply. -- ------------------------------------------------------ Use Linux: A computer Dale Amon, CEO/MD is a terrible thing Village Networking Ltd to waste. Belfast, Northern Ireland ------------------------------------------------------ Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
